Enum rocket::shield::Hsts

source · 
pub enum Hsts {
    Enable(Duration),
    IncludeSubDomains(Duration),
    Preload(Duration),
}
Expand description

The HTTP Strict-Transport-Security (HSTS) header: enforces strict HTTPS usage.

HSTS tells the browser that the site should only be accessed using HTTPS instead of HTTP. HSTS prevents a variety of downgrading attacks and should always be used when TLS is enabled. Shield will turn HSTS on and issue a warning if you enable TLS without enabling HSTS when the application is run in non-debug profiles.

While HSTS is important for HTTPS security, incorrectly configured HSTS can lead to problems as you are disallowing access to non-HTTPS enabled parts of your site. Yelp engineering has good discussion of potential challenges that can arise and how to roll this out in a large scale setting. So, if you use TLS, use HSTS, but roll it out with care.

Variants§

§

Enable(Duration)

Browser should only permit this site to be accesses by HTTPS for the next Duration.

§

IncludeSubDomains(Duration)

Like Hsts::Enable, but also apply to all of the site’s subdomains.

§

Preload(Duration)

Send a “preload” HSTS header, which requests inclusion in the HSTS preload list. This variant implies Hsts::IncludeSubDomains, which implies Hsts::Enable.

The provided Duration must be at least 365 days. If the duration provided is less than 365 days, the header will be written out with a max-age of 365 days.

Details

Google maintains an HSTS preload service that can be used to prevent the browser from ever connecting to your site over an insecure connection. Read more at MDN. Don’t enable this before you have registered your site and you ensure that it meets the requirements specified by the preload service.

Trait Implementations§

source§

impl Clone for Hsts

source§

fn clone(&self) -> Hsts

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Default for Hsts

Defaults to Hsts::Enable(Duration::days(365)).

source§

fn default() -> Hsts

Returns the “default value” for a type. Read more
source§

impl From<&Hsts> for Header<'static>

source§

fn from(hsts: &Hsts) -> Self

Converts to this type from the input type.
source§

impl PartialEq<Hsts> for Hsts

source§

fn eq(&self, other: &Hsts) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Policy for Hsts

source§

const NAME: &'static str = "Strict-Transport-Security"

The actual name of the HTTP header. Read more
source§

fn header(&self) -> Header<'static>

Returns the Header to attach to all outgoing responses. Read more
source§

impl Copy for Hsts

source§

impl StructuralPartialEq for Hsts

Auto Trait Implementations§

§

impl RefUnwindSafe for Hsts

§

impl Send for Hsts

§

impl Sync for Hsts

§

impl Unpin for Hsts

§

impl UnwindSafe for Hsts

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T> AsTaggedExplicit<'a> for Twhere T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self>

§

impl<'a, T> AsTaggedImplicit<'a> for Twhere T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32 ) -> TaggedParser<'a, Implicit, Self>

source§

impl<T> Borrow<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

const: unstable · source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

const: unstable · source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

const: unstable · source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

§

impl<T> IntoCollection<T> for T

§

fn into_collection<A>(self) -> SmallVec<A>where A: Array<Item = T>,

Converts self into a collection.
§

fn mapped<U, F, A>(self, f: F) -> SmallVec<A>where F: FnMut(T) -> U, A: Array<Item = U>,

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
const: unstable · source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
const: unstable · source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more